Constify X509_NAME
authorBob Beck <beck@openssl.org>
Tue, 30 Sep 2025 22:20:16 +0000 (16:20 -0600)
committerTomas Mraz <tomas@openssl.org>
Wed, 25 Feb 2026 09:56:17 +0000 (10:56 +0100)
There are still a few casts away from const where things do not actually
end up mutating the object, we'll deal with that later.

Part of #28654 and #29117
Fixes openssl/project#1781

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Wed Feb 25 09:58:35 2026
(Merged from https://github.com/openssl/openssl/pull/29468)

22 files changed:
apps/ca.c
apps/req.c
apps/s_server.c
crypto/asn1/a_strex.c
crypto/store/store_lib.c
crypto/store/store_local.h
crypto/x509/v3_ncons.c
crypto/x509/v3_san.c
crypto/x509/v3_utl.c
crypto/x509/x509_cmp.c
crypto/x509/x509_req.c
crypto/x509/x509_vfy.c
crypto/x509/x509cset.c
crypto/x509/x509name.c
doc/man3/OSSL_STORE_SEARCH.pod
doc/man3/X509_NAME_ENTRY_get_object.pod
doc/man3/X509_NAME_get_index_by_NID.pod
doc/man3/X509_get_subject_name.pod
include/openssl/store.h
include/openssl/x509.h.in
ssl/ssl_cert.c
test/sslapitest.c

index 7c4af7551bcf81ac45c5d181f35d6a443d64b19c..87fe09ae614185135a9df98d3143ef275edfe18d 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1468,10 +1468,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     const X509_NAME *name = NULL;
     X509_NAME *CAname = NULL, *subject = NULL;
     const ASN1_TIME *tm;
-    ASN1_STRING *str, *str2;
-    ASN1_OBJECT *obj;
+    const ASN1_STRING *str, *str2;
+    const ASN1_OBJECT *obj;
     X509 *ret = NULL;
-    X509_NAME_ENTRY *ne, *tne;
+    const X509_NAME_ENTRY *ne, *tne;
     EVP_PKEY *pktmp;
     int ok = -1, i, j, last, nid;
     const char *p;
@@ -1554,7 +1554,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
 
         last = -1;
         for (;;) {
-            X509_NAME_ENTRY *push = NULL;
+            const X509_NAME_ENTRY *push = NULL;
 
             /* lookup the object in the supplied name list */
             j = X509_NAME_get_index_by_OBJ(name, obj, last);
@@ -1996,7 +1996,9 @@ static int certify_spkac(X509 **xret, const char *infile, EVP_PKEY *pkey,
     /*
      * Build up the subject name set.
      */
-    n = X509_REQ_get_subject_name(req);
+    n = X509_NAME_new();
+    if (n == NULL)
+        goto end;
 
     for (i = 0;; i++) {
         if (sk_CONF_VALUE_num(sk) <= i)
@@ -2038,6 +2040,9 @@ static int certify_spkac(X509 **xret, const char *infile, EVP_PKEY *pkey,
         goto end;
     }
 
+    if (!X509_REQ_set_subject_name(req, n))
+        goto end;
+
     /*
      * Now extract the key from the SPKI structure.
      */
@@ -2066,6 +2071,7 @@ static int certify_spkac(X509 **xret, const char *infile, EVP_PKEY *pkey,
         ext_copy, 0, dateopt);
 end:
     X509_REQ_free(req);
+    X509_NAME_free(n);
     CONF_free(parms);
     NETSCAPE_SPKI_free(spki);
     X509_NAME_ENTRY_free(ne);
index 893abe320a81aa6fe40d0c192d7816960cfe74bd..fc4c12d7c3f877495ef193990b0cb1e754f79d22 100644 (file)
@@ -48,7 +48,7 @@
 #define UNSET_DAYS -2 /* -1 may be used for testing expiration checks */
 #define EXT_COPY_UNSET -1
 
-static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, X509_NAME *fsubj,
+static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, const X509_NAME *fsubj,
     int mutlirdn, int attribs, unsigned long chtype);
 static int prompt_info(X509_REQ *req,
     STACK_OF(CONF_VALUE) *dn_sk, const char *dn_sect,
@@ -292,7 +292,7 @@ int req_main(int argc, char **argv)
     char *passin = NULL, *passout = NULL;
     char *nofree_passin = NULL, *nofree_passout = NULL;
     char *subj = NULL;
-    X509_NAME *fsubj = NULL;
+    const X509_NAME *fsubj = NULL;
     char *template = default_config_file, *keyout = NULL;
     const char *keyalg = NULL;
     OPTION_CHOICE o;
@@ -816,9 +816,10 @@ int req_main(int argc, char **argv)
             EVP_PKEY *pub_key = X509_REQ_get0_pubkey(req);
             EVP_PKEY *issuer_key = CAcert != NULL ? CAkey : pkey;
             X509V3_CTX ext_ctx;
-            X509_NAME *issuer = CAcert != NULL ? X509_get_subject_name(CAcert) : X509_REQ_get_subject_name(req);
-            X509_NAME *n_subj = fsubj != NULL ? fsubj : X509_REQ_get_subject_name(req);
 
+            const X509_NAME *n_subj = fsubj != NULL ? fsubj : X509_REQ_get_subject_name(req);
+            const X509_NAME *issuer = CAcert != NULL ? X509_get_subject_name(CAcert)
+                                                     : X509_REQ_get_subject_name(req);
             if (CAcert != NULL && keyfile != NULL)
                 BIO_puts(bio_err,
                     "Warning: Not using -key or -newkey for signing since -CA option is given\n");
@@ -1060,7 +1061,7 @@ end:
     lh_OPENSSL_STRING_free(addexts);
     OPENSSL_free(keyalgstr);
     X509_REQ_free(req);
-    X509_NAME_free(fsubj);
+    X509_NAME_free((X509_NAME *)fsubj);
     X509_free(new_x509);
     X509_free(CAcert);
     EVP_PKEY_free(CAkey);
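Review bot: `fsubj` is released at `end:`, so `req_main` owns it, yet it is now declared `const X509_NAME *` and freed through `X509_NAME_free((X509_NAME *)fsubj)`, which hides that ownership behind a cast. Unless an assignment outside these hunks gives it a const-qualified value, keep the local as `X509_NAME *fsubj = NULL;`. It still converts implicitly when passed to the new `make_REQ(..., const X509_NAME *fsubj, ...)` and when assigned to `n_subj`, and the cleanup stays `X509_NAME_free(fsubj);`. If some path does store a borrowed const name in it, freeing it here would be the larger problem and is worth checking.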
@@ -1072,7 +1073,7 @@ end:
     return ret;
 }
 
-static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, X509_NAME *fsubj,
+static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, const X509_NAME *fsubj,
     int multirdn, int attribs, unsigned long chtype)
 {
     int ret = 0, i;
@@ -1137,7 +1138,11 @@ static int prompt_info(X509_REQ *req,
     char *type, *value;
     const char *def;
     CONF_VALUE *v;
-    X509_NAME *subj = X509_REQ_get_subject_name(req);
+    X509_NAME *subj;
+    int ret = 0;
+
+    if ((subj = X509_NAME_new()) == NULL)
+        goto err;
 
     if (!batch) {
         BIO_puts(bio_err,
@@ -1188,32 +1193,37 @@ static int prompt_info(X509_REQ *req,
             if ((nid = OBJ_txt2nid(type)) == NID_undef)
                 goto start;
             if (!join(buf, sizeof(buf), v->name, "_default", "Name"))
-                return 0;
+                goto err;
             if ((def = app_conf_try_string(req_conf, dn_sect, buf)) == NULL)
                 def = "";
 
             if (!join(buf, sizeof(buf), v->name, "_value", "Name"))
-                return 0;
+                goto err;
             if ((value = app_conf_try_string(req_conf, dn_sect, buf)) == NULL)
                 value = NULL;
 
             if (!join(buf, sizeof(buf), v->name, "_min", "Name"))
-                return 0;
+                goto err;
             if (!app_conf_try_number(req_conf, dn_sect, buf, &n_min))
                 n_min = -1;
 
             if (!join(buf, sizeof(buf), v->name, "_max", "Name"))
-                return 0;
+                goto err;
             if (!app_conf_try_number(req_conf, dn_sect, buf, &n_max))
                 n_max = -1;
 
             if (!add_DN_object(subj, v->value, def, value, nid,
                     n_min, n_max, chtype, mval))
-                return 0;
+                goto err;
         }
         if (X509_NAME_entry_count(subj) == 0) {
             BIO_puts(bio_err, "Error: No objects specified in config file\n");
-            return 0;
+            goto err;
+        }
+
+        if (X509_REQ_set_subject_name(req, subj) == 0) {
+            BIO_printf(bio_err, "Error: Can't set subject name\n");
+            goto err;
         }
 
         if (attribs) {
@@ -1243,31 +1253,38 @@ static int prompt_info(X509_REQ *req,
                     def = "";
 
                 if (!join(buf, sizeof(buf), type, "_value", "Name"))
-                    return 0;
+                    goto err;
+                ;
                 value = app_conf_try_string(req_conf, attr_sect, buf);
 
                 if (!join(buf, sizeof(buf), type, "_min", "Name"))
-                    return 0;
+                    goto err;
+                ;
                 if (!app_conf_try_number(req_conf, attr_sect, buf, &n_min))
                     n_min = -1;
 
                 if (!join(buf, sizeof(buf), type, "_max", "Name"))
-                    return 0;
+                    goto err;
+                ;
                 if (!app_conf_try_number(req_conf, attr_sect, buf, &n_max))
                     n_max = -1;
-
                 if (!add_attribute_object(req,
                         v->value, def, value, nid, n_min,
                         n_max, chtype))
-                    return 0;
+                    goto err;
+                ;
             }
         }
     } else {
         BIO_puts(bio_err, "No template, please set one up.\n");
-        return 0;
+        goto err;
     }
 
-    return 1;
+    ret = 1;
+
+err:
+    X509_NAME_free(subj);
+    return ret;
 }
 
 static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
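Review bot: Four of the converted exits in the attribute loop are followed by a line holding only `;`, namely after the `_value`, `_min` and `_max` `join()` checks and after the `add_attribute_object()` check. These are empty statements left over from the `return 0;` to `goto err;` rewrite and should be deleted so each check reads `if (!join(...))` / `goto err;` like the ones in the DN loop above. The blank line that used to separate the `n_max = -1;` assignment from the `add_attribute_object()` call was also dropped and could be restored for readability.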
@@ -1279,8 +1296,10 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
     char *type;
     CONF_VALUE *v;
     X509_NAME *subj;
+    int ret = 0;
 
-    subj = X509_REQ_get_subject_name(req);
+    if ((subj = X509_NAME_new()) == NULL)
+        goto err;
 
     for (i = 0; i < sk_CONF_VALUE_num(dn_sk); i++) {
         int mval;
@@ -1318,7 +1337,7 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
         if (!X509_NAME_add_entry_by_txt(subj, type, chtype,
                 (unsigned char *)v->value, -1, -1,
                 mval))
-            return 0;
+            goto err;
     }
 
     if (!X509_NAME_entry_count(subj)) {
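Review bot: `subj` is now allocated with `X509_NAME_new()` in `auto_info`, so every exit has to go through `err:`, but the body of the `if (!X509_NAME_entry_count(subj))` branch that opens on the last line of this hunk falls between this hunk and the next and is not touched by the patch. If that branch still ends in a bare `return 0;`, the freshly allocated name is leaked on the "no objects" path; it should become `goto err;` like the exit converted just above. Any other direct return in the untouched part of the loop needs the same change.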
@@ -1330,10 +1349,20 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk,
             v = sk_CONF_VALUE_value(attr_sk, i);
             if (!X509_REQ_add1_attr_by_txt(req, v->name, chtype,
                     (unsigned char *)v->value, -1))
-                return 0;
+                goto err;
         }
     }
-    return 1;
+
+    if (X509_REQ_set_subject_name(req, subj) == 0) {
+        BIO_printf(bio_err, "Error: Can't set subject name\n");
+        goto err;
+    }
+
+    ret = 1;
+
+err:
+    X509_NAME_free(subj);
+    return ret;
 }
 
 static int add_DN_object(X509_NAME *n, char *text, const char *def,
index ea6993a32b57b3d965ee167e53ab9c51e9da700e..615a9df7473e474456ba2670f1cd74b9c6ca51ba 100644 (file)
@@ -711,7 +711,7 @@ static int get_ocsp_resp_from_responder_single(SSL *s, X509 *x,
     int use_ssl;
     STACK_OF(OPENSSL_STRING) *aia = NULL;
     X509 *cert;
-    X509_NAME *iname;
+    const X509_NAME *iname;
     STACK_OF(X509) *chain = NULL;
     SSL_CTX *ssl_ctx;
     X509_STORE_CTX *inctx = NULL;
index 01e2269444cba212420bfc4e4f814bd44c9e52bd..afc4adbb0280c7147abd9025e8d8faa9d658258f 100644 (file)
@@ -422,7 +422,7 @@ static int do_name_ex(char_io *io_ch, void *arg, const X509_NAME *n,
 {
     int i, prev = -1, orflags, cnt;
     int fn_opt, fn_nid;
-    ASN1_OBJECT *fn;
+    const ASN1_OBJECT *fn;
     const ASN1_STRING *val;
     const X509_NAME_ENTRY *ent;
     char objtmp[80];
index ea0ab3423baf85258d44adf43582ce9299339d2a..9018e9c0dcf64e3de87bd4a64dfe8cd8df3465a9 100644 (file)
@@ -938,7 +938,7 @@ int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type)
 }
 
 /* Search term constructors */
-OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name)
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(const X509_NAME *name)
 {
     OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
 
@@ -950,7 +950,7 @@ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name)
     return search;
 }
 
-OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(const X509_NAME *name,
     const ASN1_INTEGER *serial)
 {
     OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
@@ -1022,7 +1022,7 @@ int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion)
     return criterion->search_type;
 }
 
-X509_NAME *OSSL_STORE_SEARCH_get0_name(const OSSL_STORE_SEARCH *criterion)
+const X509_NAME *OSSL_STORE_SEARCH_get0_name(const OSSL_STORE_SEARCH *criterion)
 {
     return criterion->name;
 }
index dd7c107a50b70c9fdc64466e196e14605419e4f6..0e1930f7e40a28c69f17716e7955679d1d6c751a 100644 (file)
@@ -54,7 +54,7 @@ struct ossl_store_search_st {
      * Used by OSSL_STORE_SEARCH_BY_NAME and
      * OSSL_STORE_SEARCH_BY_ISSUER_SERIAL
      */
-    X509_NAME *name;
+    const X509_NAME *name;
 
     /* Used by OSSL_STORE_SEARCH_BY_ISSUER_SERIAL */
     const ASN1_INTEGER *serial;
index 3fb5ca15d7b1415264b40d1877f28896f55c6d7a..7619522be8da850cb2d1ba5cfa0d0a692c703a56 100644 (file)
@@ -280,7 +280,7 @@ static int add_lengths(int *out, int a, int b)
 int NAME_CONSTRAINTS_check(const X509 *x, NAME_CONSTRAINTS *nc)
 {
     int r, i, name_count, constraint_count;
-    X509_NAME *nm;
+    const X509_NAME *nm;
 
     nm = X509_get_subject_name(x);
 
@@ -299,7 +299,8 @@ int NAME_CONSTRAINTS_check(const X509 *x, NAME_CONSTRAINTS *nc)
     if (X509_NAME_entry_count(nm) > 0) {
         GENERAL_NAME gntmp;
         gntmp.type = GEN_DIRNAME;
-        gntmp.d.directoryName = nm;
+        /* XXX casts away const (but does not mutate) */
+        gntmp.d.directoryName = (X509_NAME *)nm;
 
         r = nc_match(&gntmp, nc);
 
@@ -317,7 +318,8 @@ int NAME_CONSTRAINTS_check(const X509 *x, NAME_CONSTRAINTS *nc)
             if (i == -1)
                 break;
             ne = X509_NAME_get_entry(nm, i);
-            gntmp.d.rfc822Name = X509_NAME_ENTRY_get_data(ne);
+            /* XXX casts away const (but does not mutate) */
+            gntmp.d.rfc822Name = (ASN1_STRING *)X509_NAME_ENTRY_get_data(ne);
             if (gntmp.d.rfc822Name->type != V_ASN1_IA5STRING)
                 return X509_V_ERR_UNSUPPORTED_NAME_SYNTAX;
 
@@ -338,7 +340,7 @@ int NAME_CONSTRAINTS_check(const X509 *x, NAME_CONSTRAINTS *nc)
     return X509_V_OK;
 }
 
-static int cn2dnsid(ASN1_STRING *cn, unsigned char **dnsid, size_t *idlen)
+static int cn2dnsid(const ASN1_STRING *cn, unsigned char **dnsid, size_t *idlen)
 {
     int utf8_length;
     unsigned char *utf8_value;
@@ -449,8 +451,8 @@ int NAME_CONSTRAINTS_check_CN(const X509 *x, NAME_CONSTRAINTS *nc)
     /* Process any commonName attributes in subject name */
 
     for (i = -1;;) {
-        X509_NAME_ENTRY *ne;
-        ASN1_STRING *cn;
+        const X509_NAME_ENTRY *ne;
+        const ASN1_STRING *cn;
         unsigned char *idval;
         size_t idlen;
 
index e06fdb9543e07f16914ed2e6c23ccec6c2907408..de2aa5980625671759a233ff6857721a042d427d 100644 (file)
@@ -418,7 +418,7 @@ err:
 
 static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
 {
-    X509_NAME *nm;
+    const X509_NAME *nm;
     ASN1_IA5STRING *email = NULL;
     X509_NAME_ENTRY *ne;
     GENERAL_NAME *gen = NULL;
@@ -432,18 +432,22 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
         return 0;
     }
     /* Find the subject name */
-    nm = ctx->subject_cert != NULL ? X509_get_subject_name(ctx->subject_cert) : X509_REQ_get_subject_name(ctx->subject_req);
+    nm = ctx->subject_cert != NULL ? X509_get_subject_name(ctx->subject_cert)
+                                   : X509_REQ_get_subject_name(ctx->subject_req);
 
     /* Now add any email address(es) to STACK */
     while ((i = X509_NAME_get_index_by_NID(nm,
                 NID_pkcs9_emailAddress, i))
         >= 0) {
-        ne = X509_NAME_get_entry(nm, i);
+        /* XXX Casts away const */
+        ne = (X509_NAME_ENTRY *)X509_NAME_get_entry(nm, i);
         email = ASN1_STRING_dup(X509_NAME_ENTRY_get_data(ne));
         if (move_p) {
-            X509_NAME_delete_entry(nm, i);
-            X509_NAME_ENTRY_free(ne);
-            i--;
+            /* We should really not support deleting things in a const object
+             * to rip the pointer out of it. If we truly want a new object
+             * without this in it, we should just construct one without it.
+             */
+            return 0;
         }
         if (email == NULL || (gen = GENERAL_NAME_new()) == NULL) {
             ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB);
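Review bot: The new `if (move_p) return 0;` path runs after `email = ASN1_STRING_dup(...)`, so the duplicated string is leaked, and nothing is put on the error queue, so a caller passing a non-zero `move_p` gets a failure with no diagnostic. Move the check above the `ASN1_STRING_dup()` call and raise an error there, for example `if (move_p) { ERR_raise(ERR_LIB_X509V3, ERR_R_UNSUPPORTED); return 0; }`. This is also a behaviour change, since the move variant now always fails when the subject has an email entry, and the hunk does not document that. With the delete removed, `ne` is only read here, so it can be declared `const X509_NAME_ENTRY *ne` and the `(X509_NAME_ENTRY *)` cast with its `XXX` comment dropped. The function's cleanup code is outside the hunk.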
index 0cb4279295cf16c62b418f14208a5a305ba1df7e..d5a8bc14d9985ca05aa210517cfceb6b61ac78ef 100644 (file)
@@ -497,7 +497,7 @@ static STACK_OF(OPENSSL_STRING) *get_email(const X509_NAME *name,
     GENERAL_NAMES *gens)
 {
     STACK_OF(OPENSSL_STRING) *ret = NULL;
-    X509_NAME_ENTRY *ne;
+    const X509_NAME_ENTRY *ne;
     const ASN1_IA5STRING *email;
     GENERAL_NAME *gen;
     int i = -1;
index 1b6160342e9a814f6f308dc78ab0605bd1de3d5a..20d20a48432c36db9a624206cff596b825e0cfe4 100644 (file)
@@ -97,7 +97,7 @@ int X509_CRL_match(const X509_CRL *a, const X509_CRL *b)
     return rv < 0 ? -1 : rv > 0;
 }
 
-X509_NAME *X509_get_issuer_name(const X509 *a)
+const X509_NAME *X509_get_issuer_name(const X509 *a)
 {
     return a->cert_info.issuer;
 }
@@ -114,7 +114,7 @@ unsigned long X509_issuer_name_hash_old(const X509 *x)
 }
 #endif
 
-X509_NAME *X509_get_subject_name(const X509 *a)
+const X509_NAME *X509_get_subject_name(const X509 *a)
 {
     return a->cert_info.subject;
 }
index 3015a7ce270a5d84220e9c73ee8668b564f307b3..540cc23e4818de146a215ec3a2fba37bf9f59b48 100644 (file)
@@ -308,7 +308,7 @@ long X509_REQ_get_version(const X509_REQ *req)
     return ASN1_INTEGER_get(req->req_info.version);
 }
 
-X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req)
+const X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req)
 {
     return req->req_info.subject;
 }
index 2089b8942beb96195e4bb6c409700161cae39970..45b60b5e4dfda8cc837df497d5f00d46eb8b1cb4 100644 (file)
@@ -831,8 +831,9 @@ static int check_name_constraints(X509_STORE_CTX *ctx)
          * (RFC 3820: 3.4, 4.1.3 (a)(4))
          */
         if ((x->ex_flags & EXFLAG_PROXY) != 0) {
-            X509_NAME *tmpsubject = X509_get_subject_name(x);
-            X509_NAME *tmpissuer = X509_get_issuer_name(x);
+            const X509_NAME *tmpsubject = X509_get_subject_name(x);
+            const X509_NAME *tmpissuer = X509_get_issuer_name(x);
+            X509_NAME *tmpsubject2;
             X509_NAME_ENTRY *tmpentry = NULL;
             int last_nid = 0;
             int err = X509_V_OK;
@@ -869,23 +870,23 @@ static int check_name_constraints(X509_STORE_CTX *ctx)
              * Check that the last subject RDN is a commonName, and that
              * all the previous RDNs match the issuer exactly
              */
-            tmpsubject = X509_NAME_dup(tmpsubject);
-            if (tmpsubject == NULL) {
+            tmpsubject2 = X509_NAME_dup(tmpsubject);
+            if (tmpsubject2 == NULL) {
                 ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
                 ctx->error = X509_V_ERR_OUT_OF_MEM;
                 return -1;
             }
 
-            tmpentry = X509_NAME_delete_entry(tmpsubject, last_loc);
+            tmpentry = X509_NAME_delete_entry(tmpsubject2, last_loc);
             last_nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(tmpentry));
 
             if (last_nid != NID_commonName
-                || X509_NAME_cmp(tmpsubject, tmpissuer) != 0) {
+                || X509_NAME_cmp(tmpsubject2, tmpissuer) != 0) {
                 err = X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION;
             }
 
             X509_NAME_ENTRY_free(tmpentry);
-            X509_NAME_free(tmpsubject);
+            X509_NAME_free(tmpsubject2);
 
         proxy_name_done:
             CB_FAIL_IF(err != X509_V_OK, ctx, x, i, err);
index 8e0874aa1d7c3702d1c5a7cc4b7cf613dd6ce8e3..cbd668a7e495584078d8b53e5468047e9e6eb3b8 100644 (file)
@@ -110,7 +110,7 @@ ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl)
 }
 #endif
 
-X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl)
+const X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl)
 {
     return crl->crl.issuer;
 }
index c95bfe950838dce1149c1880e5c394a57f63d73c..8f6baa99de7de83d7ca18769cc2c3938e1fcf18a 100644 (file)
@@ -94,7 +94,7 @@ int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
     return -1;
 }
 
-X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc)
+const X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc)
 {
     if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
         || loc < 0)
@@ -346,14 +346,14 @@ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
     return 1;
 }
 
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne)
+const ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne)
 {
     if (ne == NULL)
         return NULL;
     return ne->object;
 }
 
-ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne)
+const ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne)
 {
     if (ne == NULL)
         return NULL;
index bd512890c607c04a2859639cb91c1ef84069942c..68e343f07821e8f9a8cbd44b804266698b559a07 100644 (file)
@@ -22,8 +22,8 @@ OSSL_STORE_SEARCH_get0_digest
 
  typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
 
- OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
- OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(const X509_NAME *name);
+ OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(const X509_NAME *name,
                                                        const ASN1_INTEGER
                                                        *serial);
  OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
@@ -34,7 +34,7 @@ OSSL_STORE_SEARCH_get0_digest
  void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
 
  int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
- X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
const X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
  const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
                                                    *criterion);
  const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
index 7533a586b13dd8712f980c2f5470607d26b83f35..eb93b2ec50aa2754f3ab1cc69b901ded78b69279 100644 (file)
@@ -11,8 +11,8 @@ X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility functions
 
  #include <openssl/x509.h>
 
- ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
- ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
const ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
const ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
 
  int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
  int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
index f54d25c026c7fe79100c7651af2bac1550f0d31f..c508ec6f47a74f6166bb9275065e3a2a07a70c07 100644 (file)
@@ -15,7 +15,7 @@ X509_NAME lookup and enumeration functions
                                 const ASN1_OBJECT *obj, int lastpos);
 
  int X509_NAME_entry_count(const X509_NAME *name);
- X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
cont X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
 
  Deprecated Functions:
 
index 42dddc8f12f9b198731e0cb9e0956c0b5ff2c8e1..a2128836a45dd7f6c33c1f52030763fc89297dcc 100644 (file)
@@ -17,18 +17,18 @@ get X509_NAME hashes or get and set issuer or subject names
  unsigned long X509_NAME_hash_ex(const X509_NAME *x, OSSL_LIB_CTX *libctx,
                                  const char *propq, int *ok);
 
- X509_NAME *X509_get_subject_name(const X509 *x);
const X509_NAME *X509_get_subject_name(const X509 *x);
  int X509_set_subject_name(X509 *x, const X509_NAME *name);
  unsigned long X509_subject_name_hash(const X509 *x);
 
- X509_NAME *X509_get_issuer_name(const X509 *x);
const X509_NAME *X509_get_issuer_name(const X509 *x);
  int X509_set_issuer_name(X509 *x, const X509_NAME *name);
  unsigned long X509_issuer_name_hash(const X509 *x);
 
- X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
const X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
  int X509_REQ_set_subject_name(X509_REQ *req, const X509_NAME *name);
 
- X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
const X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
  int X509_CRL_set_issuer_name(X509_CRL *x, const X509_NAME *name);
 
  #include <openssl/x509_acert.h>
index 5c25d0f8528ba3663d2e5830921b2fa11ac653ff..f7a360248dec7e9b18933a9e9c7d8b3f4599a7ee 100644 (file)
@@ -227,8 +227,8 @@ int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type);
  * The input is considered to be owned by the caller, and must therefore
  * remain present throughout the lifetime of the returned OSSL_STORE_SEARCH
  */
-OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
-OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(const X509_NAME *name);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(const X509_NAME *name,
     const ASN1_INTEGER
         *serial);
 OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
@@ -242,7 +242,7 @@ void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
 
 /* Search term accessors */
 int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
-X509_NAME *OSSL_STORE_SEARCH_get0_name(const OSSL_STORE_SEARCH *criterion);
+const X509_NAME *OSSL_STORE_SEARCH_get0_name(const OSSL_STORE_SEARCH *criterion);
 const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
         *criterion);
 const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
index e32c79373edfa98ccf744b62f86840289eb7f853..382ecc5d8c6d1652466ac41f4b92568044a8f9cc 100644 (file)
@@ -663,9 +663,9 @@ int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
 ASN1_INTEGER *X509_get_serialNumber(X509 *x);
 const ASN1_INTEGER *X509_get0_serialNumber(const X509 *x);
 int X509_set_issuer_name(X509 *x, const X509_NAME *name);
-X509_NAME *X509_get_issuer_name(const X509 *a);
+const X509_NAME *X509_get_issuer_name(const X509 *a);
 int X509_set_subject_name(X509 *x, const X509_NAME *name);
-X509_NAME *X509_get_subject_name(const X509 *a);
+const X509_NAME *X509_get_subject_name(const X509 *a);
 const ASN1_TIME *X509_get0_notBefore(const X509 *x);
 ASN1_TIME *X509_getm_notBefore(X509 *x);
 int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm);
@@ -701,7 +701,7 @@ const ASN1_BIT_STRING *X509_get0_pubkey_bitstr(const X509 *x);
 
 long X509_REQ_get_version(const X509_REQ *req);
 int X509_REQ_set_version(X509_REQ *x, long version);
-X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
+const X509_NAME *X509_REQ_get_subject_name(const X509_REQ *req);
 int X509_REQ_set_subject_name(X509_REQ *req, const X509_NAME *name);
 void X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
     const X509_ALGOR **palg);
@@ -759,7 +759,7 @@ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
 OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl);
 OSSL_DEPRECATEDIN_1_1_0 ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl);
 #endif
-X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
+const X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
 const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
 STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(const X509_CRL *crl);
 const X509_ALGOR *X509_CRL_get0_tbs_sigalg(const X509_CRL *crl);
@@ -857,7 +857,7 @@ OSSL_DEPRECATEDIN_4_0 int X509_NAME_get_text_by_OBJ(const X509_NAME *name,
 int X509_NAME_get_index_by_NID(const X509_NAME *name, int nid, int lastpos);
 int X509_NAME_get_index_by_OBJ(const X509_NAME *name, const ASN1_OBJECT *obj,
     int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
+const X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
 X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
 int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne,
     int loc, int set);
@@ -885,8 +885,8 @@ X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
 int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
 int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
     const unsigned char *bytes, int len);
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
-ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
+const ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+const ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
 int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
 
 int X509_NAME_get0_der(const X509_NAME *nm, const unsigned char **pder,
index 3bcf398ded9d904a105792636ed39eab04898e38..4d88efcc5ae9c6438512e03511dc68d433345fad 100644 (file)
@@ -774,6 +774,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file,
 {
     BIO *in = BIO_new(BIO_s_file());
     X509 *x = NULL;
+    const X509_NAME *cxn = NULL;
     X509_NAME *xn = NULL;
     STACK_OF(X509_NAME) *ret = NULL;
     LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp);
@@ -812,10 +813,10 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file,
                 goto err;
             }
         }
-        if ((xn = X509_get_subject_name(x)) == NULL)
+        if ((cxn = X509_get_subject_name(x)) == NULL)
             goto err;
         /* check for duplicates */
-        xn = X509_NAME_dup(xn);
+        xn = X509_NAME_dup(cxn);
         if (xn == NULL)
             goto err;
         if (lh_X509_NAME_retrieve(name_hash, xn) != NULL) {
@@ -856,6 +857,7 @@ static int add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
 {
     BIO *in;
     X509 *x = NULL;
+    const X509_NAME *cxn = NULL;
     X509_NAME *xn = NULL;
     int ret = 1;
 
@@ -872,9 +874,9 @@ static int add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
     for (;;) {
         if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL)
             break;
-        if ((xn = X509_get_subject_name(x)) == NULL)
+        if ((cxn = X509_get_subject_name(x)) == NULL)
             goto err;
-        xn = X509_NAME_dup(xn);
+        xn = X509_NAME_dup(cxn);
         if (xn == NULL)
             goto err;
         if (lh_X509_NAME_retrieve(name_hash, xn) != NULL) {
@@ -1023,6 +1025,7 @@ static int add_uris_recursive(STACK_OF(X509_NAME) *stack,
     int ok = 1;
     OSSL_STORE_CTX *ctx = NULL;
     X509 *x = NULL;
+    const X509_NAME *cxn = NULL;
     X509_NAME *xn = NULL;
     OSSL_STORE_INFO *info = NULL;
 
@@ -1046,8 +1049,8 @@ static int add_uris_recursive(STACK_OF(X509_NAME) *stack,
                     depth - 1);
         } else if (infotype == OSSL_STORE_INFO_CERT) {
             if ((x = OSSL_STORE_INFO_get0_CERT(info)) == NULL
-                || (xn = X509_get_subject_name(x)) == NULL
-                || (xn = X509_NAME_dup(xn)) == NULL)
+                || (cxn = X509_get_subject_name(x)) == NULL
+                || (xn = X509_NAME_dup(cxn)) == NULL)
                 goto err;
             if (sk_X509_NAME_find(stack, xn) >= 0) {
                 /* Duplicate. */
index 1e9f9dd76321c6d6b20ce1be3a2614f4323a0f55..f9ef582394e8d85ec36fe2e1d6f18abe1e5056c2 100644 (file)
@@ -10825,13 +10825,14 @@ static int create_cert_key(int idx, char *certfilename, char *privkeyfilename)
         || !TEST_true(X509_gmtime_adj(X509_getm_notBefore(x509), 0))
         || !TEST_true(X509_gmtime_adj(X509_getm_notAfter(x509), 31536000L))
         || !TEST_true(X509_set_pubkey(x509, pkey))
-        || !TEST_ptr(name = X509_get_subject_name(x509))
+        || !TEST_ptr(name = X509_NAME_new())
         || !TEST_true(X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC,
             (unsigned char *)"CH", -1, -1, 0))
         || !TEST_true(X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC,
             (unsigned char *)"test.org", -1, -1, 0))
         || !TEST_true(X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
             (unsigned char *)"localhost", -1, -1, 0))
+        || !TEST_true(X509_set_subject_name(x509, name))
         || !TEST_true(X509_set_issuer_name(x509, name))
         || !TEST_true(X509_sign(x509, pkey, EVP_sha1()))
         || !TEST_ptr(keybio = BIO_new_file(privkeyfilename, "wb"))
@@ -10842,6 +10843,7 @@ static int create_cert_key(int idx, char *certfilename, char *privkeyfilename)
 
     EVP_PKEY_free(pkey);
     X509_free(x509);
+    X509_NAME_free(name);
     EVP_PKEY_CTX_free(evpctx);
     BIO_free(keybio);
     BIO_free(certbio);